cyber million
6 Topics

Role for Initiative: Mapping Cybersecurity Jobs to D&D Classes (PART 1)
Introduction

Welcome, weary traveler. The realm before you is vast and often misunderstood, filled with winding roads, hidden passageways, and ever-present threats moving through the shadows. Word has spread across the land that the digital kingdoms are under constant siege, and the call has gone out for new adventurers. Some arrive with years of experience and others with little more than curiosity and a willingness to learn. Regardless of background, all stand at the edge of an unfinished map, gazing at unknown terrain and contemplating which path will be theirs to tread.

As with any great adventure, the first step is not charging into battle, but rather, understanding the world around you. Every successful campaign begins by gathering information, learning the landscape, and equipping yourself with the right knowledge and tools for the job. In the following text, we will explore the many corners of cybersecurity and the kinds of adventurers who thrive within them. Think of this as a guide to setting out on the quest that best fits your strengths.

What this blog is about:
- Professional Development
- Cybersecurity Domains
- Cybersecurity Workforce Frameworks
- Practical Training Options
- Cybersecurity Roles
- Actualizing Innate Potential

Who is this blog for:
- Cybersecurity Hopefuls
- Career Transitioners
- Technical Practitioners
- Promotion Seekers
- Forever Learners
- D&D and RPG Fans

Where to Start

Whether you’re new to cybersecurity or have been in the field for a while and are planning on your next big move, the same question remains: “What next?” This type of self-examination has many follow-up questions as well:
- “What do I want?”
- “Where do I start?”
- “How will I progress?”
- “What’s my endgame?”

Since cybersecurity is such a broad field, given the seemingly innumerable domains, it can be difficult to carve out a path, particularly when there are so many details to sift through. Above all else, you have to discern where you’re at right now. Understanding your baseline is key.
From there, things will become more clear and, as a byproduct, goals will become more attainable. While this blog won't give you all the answers, it aims to provide the essential framework, prompts, and perspective to assist in uncovering your own solutions.

First Time Adventurers

For novices, the journey may appear to be engulfed by fog and surrounded in mystery while the ground beneath you feels like it could crumble at any moment. But, worry not! A tavern keeper offers some helpful advice:

“Know not only what you seek, but also yourself. For that might uncover more than you expect. To know is to ask and to ask is to know.”

Given their advice, you begin to ponder:
- “Do I have a technical background?”
- “Where can I find training materials suitable for a beginner?”
- “What transferable skills might I have for an entry-level position?”
- “Which roles are considered entry-level in cybersecurity, anyway?”

While entry-level cybersecurity positions exist, they are highly competitive and often require prior IT experience, making it challenging to enter the field without a technical background. As a result, finding your first technical role can feel a bit overwhelming. Starting in Help Desk is a great way to gain hands-on, foundational experience. It's a classic stepping stone to becoming a Systems Administrator or Network Engineer, giving you real-world skills in user management, networking, and infrastructure. Plus, it provides a solid foundation for pivoting into a specialized security role with further education.

If you’re looking to jumpstart your journey, Immersive’s Cyber Million program empowers aspiring cybersecurity professionals with the hands-on skills and job-ready experience employers are looking for. With its two distinct pathways, Cyber Fundamentals and Defensive Security Operations, candidates have access to on-demand, browser-based labs that allow them to level-up their technical skills and prove their ability to potential employers.
Cyber Million prepares candidates for entry-level positions within the cybersecurity industry, which can include the following:
- Cybersecurity Operations Analyst
- Information Security Operations Analyst
- Security Monitoring Analyst
- Cyber Operations Analyst
- Security Operations Center (SOC) Analyst
- Information Technology (IT) Security Analyst
- Network Security Analyst

Campaign Veterans

Those who have been around the block know what to expect but may still have some lingering questions, particularly when it comes to navigating the revolving door of industry norms. Even with years of experience, seasoned professionals can find themselves wondering if their skills are still relevant, or if their experience is still valued in an era obsessed with everything “new and shiny.”

Reflecting on this, you decide to brainstorm and consult the Orb of Interrogation, an item you obtained from a previous quest. A swirl of mist within the orb dissipates and the following questions appear:
- “What is my motivation for this change?”
- “Do I have what it takes to move into this particular role?”
- “Is the role I’m after something that will suit my interests?”
- “What evidence can I bring to the table to validate my skills?”

Sometimes, change is necessary. Whatever your reasons, be sure you’re prepared for the new challenges and opportunities that lie ahead. While many employers traditionally view certifications as a benchmark for skill validation, the hiring landscape is leaning toward a more practical approach: experiential learning. This refers to the process of learning through experience, or “learning by doing,” and is rapidly becoming a preferred indicator of job readiness.

If your objectives demand new capabilities, prioritize focused, targeted upskilling. To maximize results, diversify your methodology and employ facets of experiential learning, such as hands-on labs, exercises, and workshops.
Provided you’re looking to move into a different role and your company is already using Immersive, you can satisfy skill requirements by taking adaptive assessments, working through role-based career paths within the platform, and earning badges. Generally, a "Demonstrate Your Skills" lab is located at the end of a lab collection to verify your proficiency in that topic. Beyond having an extensive training catalog, Immersive also provides free resources like blogs, ebooks, webinars, podcasts, and infographics to further expand your knowledge.

The Lay of the Land

Cybersecurity

Relationally speaking, cybersecurity is a subcategory of information security (“The practice of protecting information and information systems from unauthorized access, use, and disclosure, including means for protecting personal privacy and proprietary information”), as per the National Institute of Standards and Technology (NIST). Cybersecurity, specifically, pertains to “the ability to protect or defend the use of cyberspace from cyber attacks.” Moreover, it can be further defined as “the process of preventing damage to, protecting, and restoring computers, electronic communications systems, and services, including their stored information.” That said, cybersecurity has several domains and fields of study to explore.

Cybersecurity Domains

At the highest level, domains can be described as key focus areas that lend structure to the various components of cybersecurity. Cybersecurity domains are interdependent, working together like gears in a complex machine. Without governance, there are no policies, procedures, and standards. Without standards, architecture becomes a chaotic, inconsistent, and fragmented collection of unmanageable solutions. Without architecture, business strategies cannot be translated into functional, scalable, or secure technology solutions.
And so on and so forth…

[Image: Cybersecurity Domains, Henry Jiang]

The Map of Cybersecurity Domains by Henry Jiang serves as an effective, comprehensive framework for understanding core security disciplines, though it does not cover every aspect. On that note, depending on where you look, you might find conflicting representations of cybersecurity domains and their associated functions. Nonetheless, there seems to be somewhat of a consensus across various sources that underscores a foundational, integrated approach to managing people, processes, and technology.

In the professional landscape, these conceptual domains can be translated into specialized work roles that constitute the backbone of modern security teams. For instance, in the United States, the National Initiative for Cybersecurity Education (NICE) Framework, led by NIST, “acts as a partnership between government, academia, and the private sector designed to energize and promote a robust, integrated ecosystem of cybersecurity education, training, and workforce development to address the shortage of skilled professionals.”

Meanwhile, across the pond, the European Union Agency for Cybersecurity has its own blueprint: the European Cybersecurity Skills Framework (ECSF). Similar to the NICE Framework, ECSF serves as “a practical tool to support the identification and articulation of tasks, competencies, skills, and knowledge associated with the roles of European cybersecurity professionals.”

While some of the phrasing might be different, both frameworks outline cybersecurity work roles and the skills needed to obtain or excel in them, providing a standardized language that helps professionals, educators, and employers map out career paths and identify critical training requirements. Depending on where you’re located and the organization you’re looking to work for, these expectations may vary.

Finding Your Next Role

But what about roles? What roles belong to each category?
And more importantly, how do you figure out which one is right for you?

Let’s borrow the concept of cybersecurity domains and reshape them into a set of basic role categories to help you identify your professional “archetype.” To make this even more relatable, we have also paired each category with a Dungeons & Dragons class to paint a clear picture of what type of person is best suited for each role category. As an added bonus, each class features a hand-drawn illustration… of animals. Because who doesn’t like animals!?

Please note that these classifications are generalizations and the included roles are by no means comprehensive.

Cybersecurity Architecture

D&D Class: The Artificer
Saves: Constitution and Intelligence
D&D Class Description: A master of invention and magical engineering. More than using tools, they build the very infrastructure and enchanted items that keep the party safe, obsessing over every piece of gear and rune.
Real-World Summary: Cybersecurity Architects design the secure foundations that modern systems rely on. They think about how networks, cloud services, applications, and security tools fit together so organizations can operate safely without slowing down the business. Their work usually starts long before a system is built. Architects review technologies, choose security frameworks, and help teams design environments that reduce risk from the start. They work closely with engineers and developers so things like authentication, encryption, and monitoring are built into the design instead of being added later. Because they look at systems as a whole, architects often catch problems early. Their decisions influence how technology is deployed and how well it can stand up to real threats.
NICE Work Role Category: Design and Development (DD)
Roles: Cloud Security Architect, Cybersecurity Architect, Solutions Architect
Appeal: Is your Steam library full of real-time strategy games? Do you find yourself thinking several steps ahead?
Cybersecurity Architecture is a good fit for people who like seeing the big picture and planning how complex systems come together.

Cybersecurity Leadership

D&D Class: The Bard
Saves: Dexterity and Charisma
Class Description: An inspiring performer of music, dance, and magic. Bards are charismatic strategists who inspire allies and coordinate the party’s strengths. They rely on communication, diplomacy, and knowledge to guide others and keep the group aligned toward a common goal.
Real-World Summary: Cybersecurity Leadership decides how an organization approaches security. They guide strategy, manage teams, and make sure security efforts support the goals of the business. Instead of focusing on one technical issue or “getting in the weeds”, they look at risk across the entire organization. They help leadership understand security problems in plain terms and decide where time and money should be spent. They also make sure security teams have what they need to do their jobs. Another part of the role is shaping culture. Good leaders help people across the company understand why security matters and how their everyday work affects it.
NICE Work Role Category: Oversight and Governance (OG)
Roles: Chief Information Officer, Chief Information Security Officer, Technical Manager
Appeal: Do you enjoy guiding teams and helping people work toward a shared goal? Cybersecurity leadership fits people who communicate well, think strategically, and like connecting technical work to real business decisions.

👉 PART TWO OF THE BLOG HERE!

CyberWomen Groups C.I.C. x Immersive Cyber Million: Hack to the Future 2.0
- TICKET REQUIRED -

Join us for an evening of hands-on workshops and talks to demystify early careers in cybersecurity and level up your skills. This event is aimed at students and beginners!

Agenda
17:30 - 18:00 Arrivals and Refreshments
18:00 - 19:00 Workshops
19:00 - 19:30 Guest Talk
19:30 - 20:00 Break & Networking
20:00 - 20:40 Panel Discussion
20:40 - 21:00 Close

About this event

CyberWomen Groups C.I.C. and Immersive are bringing you a bigger and better Hack to the Future this year! Open to students, career changers, and the cyber-curious, this event will help you demystify early careers in cyber and show you how to use Immersive’s very own Cyber Million platform to upskill.

Choose from two interactive workshops led by Immersive’s cyber team, exploring real-world security concepts and attack pathways. After the workshops, enjoy an inspirational talk and expert panel, plus plenty of time to connect with others and grow your professional network. In true Hack to the Future style, there’ll be drinks and pizza to fuel the fun!

You’ll need to sign up for the free Cyber Million platform to access the workshops on the day. Get your free ticket now to secure your spot and receive full joining instructions.

The Human Connection Challenge Lab 1: Basic OS Skills – Walkthrough Guide (Community Version)
This is a walkthrough guide written by one of our community members, who offered to give their perspective on the challenge. Interestingly, they approached this challenge by completing some of the tasks in the graphical user interface (GUI) instead of the command line.

Human Connection Challenge: Season 1 – Scanning Walkthrough Guide (Official Version)
Time’s Up! Congratulations to everyone who completed Lab 2: Scanning from the Human Connection Challenge: Season 1.

In this walkthrough, I'll share some strategies for efficiently completing the lab, based on my perspective as the author. Remember, there are often multiple ways to approach a challenge, so if you used a different method and succeeded, that's perfectly fine! The goal is to learn, and I hope these notes help clarify any steps and reinforce key concepts for the next challenge.

This challenge has now ended, but the lab remains available for practice. While prizes are no longer up for grabs, you can still complete the lab and use this walkthrough guide for support if needed.

I’ve also used placeholders in some of the commands that would give away an answer directly, so if you see anything enclosed in angle brackets, such as <name server>, please make sure you replace it with the actual value, such as nameserver.

With all that considered, let's get started.

Overview

Task: Identify the name server records of tinytown.bitnet.

1. What is the IP of the first name server for tinytown.bitnet?
You’ll first need to open a Terminal on the Kali desktop. Next, you’ll need to query the DNS Server IP (found in the Machines panel) about the tinytown.bitnet domain using the nslookup (Name Server Lookup) tool. You’re specifically looking for NS (Name Server) records, so you can use the -type=ns parameter with nslookup to specify this:

    nslookup -type=ns tinytown.bitnet [DNS Server IP]

The output of this command will return two name servers for the domain labelled with 1 and 2. Your next step is to identify what IP address is associated with the first name server (1). To do this, you can use nslookup along with the name server, domain, and DNS Server IP:

    nslookup <name server>1.tinytown.bitnet [DNS Server IP]

This command will then return an IP address for the name server.

2. What is the IP of the second name server for tinytown.bitnet?
As you’ve already identified both name servers, you’ll just need to run the previous command, except with the second (2) name server:

    nslookup <name server>2.tinytown.bitnet [DNS Server IP]

You’ll then find the IP address associated with it.

Task: Identify port service information for Target 1.

3. What service version is running on port 53?
A network scanning tool like Nmap can help you identify the service version running on a specific port. To do this with Nmap, you can use the -sV option for service detection:

    nmap -sV [Target 1 IP Address]

The output will show what service version is running on port 53.

4. What is the full service banner of port 22?
There are a couple of ways to find the full service banner of port 22 – such as with Nmap or Netcat. If you’re using Nmap, you can modify the previous command to include the “banner” script along with the port number:

    nmap -sV --script=banner [Target 1 IP Address] -p22

The command line will then display the service banner from port 22.

You can alternatively use Netcat to manually connect to the SSH server. When a client connects, Netcat may display a banner from the server that contains version information. To use Netcat, you’ll need the nc command along with the Target 1 IP address and specify you want to connect to port 22:

    nc [Target 1 IP Address] 22

When you run this command, the banner appears before the terminal hangs.

Task: Identify a token on one of the ports.

5. What is the token?
With the previous Nmap command, you initially found that three ports were open on Target 1. However, you’ll need to do a more thorough network scan to find another open port, one not initially found with the previous scans.
To do this, you can expand your port scan to cover a much wider range by using Netcat to scan for open ports from 1 through 9000:

    nc -zvn <Target 1 IP Address> 1-9000

Here, -z will scan for listening services but won’t send any data, -v is verbose mode, which provides more detailed information, and -n tells Netcat not to resolve hostnames via DNS. This command will reveal a fourth open port. Now, you can use Netcat to connect to this port:

    nc <Target 1 IP Address> <open port>

The token will then be displayed in the terminal.

Task: Scan the TLS configuration on Target 2.

6. How many protocols are enabled?
To scan for SSL/TLS configurations, you can use the sslscan tool. By default, sslscan scans port 443 and will return supported server ciphers, certificate details, and more. You can use sslscan like this:

    sslscan <Target 2 IP Address>

The returned output will be verbose, but you can find and count the number of enabled protocols under the SSL/TLS Protocols subheading.

7. Name an enabled protocol.
Using the previous output, name one of the enabled protocols.

8. What exploit are the protocols NOT vulnerable to?
Using the same output, scroll down through the results until you find a subheading that’s named after a vulnerability and contains a similar string to:

    <Protocol> not vulnerable to <vulnerability name>

The vulnerability has the same name as the subheading.

Task: Identify and extract information from an SMB share on Target 3.

9. What Disk shared directory can you access?
To extract information from an SMB (Server Message Block) share, you can use the smbclient tool. First, you’ll need to list the SMB shares on the target using the -L flag (the list/lookup option) with:

    smbclient -L //<Target 3 IP>

You’ll then be prompted for a password, but you can press Enter to skip this. A list of SMB shares will then be displayed, three of which are shown to be a Disk type, so you know the answer will be one of these.
You can now begin to go through the list and try to connect to the shares with:

    smbclient //<Target 3 IP>/<Sharename>

However, this time when you’re prompted for a password and you press Enter, you might encounter a message when you try to connect to a share:

    NT_STATUS_ACCESS_DENIED

If you attempt to connect to all shares, you’ll find you can connect to one share without a password. You’ll then be greeted with the following prompt to show the successful connection:

    smb: \>

10. What is the token stored in the directory?
Now that you’re connected, you can execute commands to interact with the SMB share. If you run ls, you’ll find a token.txt file in the current directory. You can then download the file from the share onto your local machine with:

    get token.txt

On the Kali desktop, open the Home folder and the token.txt will be inside. Open this file and find the token.

11. What is the username stored in the directory?
After you’ve run ls in the SMB share, you’ll find not only token.txt, but also a file named creds.txt. Use the same command as you just did previously to download the file onto your machine:

    get creds.txt

This file will also be downloaded to the Home folder, where you can find a username and password.

Task: Identify open services on Target 3.
Task: Connect to Target 3 with the previously found credentials.

12. What is the token stored in the user's /Documents directory?
For this final task, you first need to scan the target using Nmap. You’ll find that if you attempt to scan the target without using the -Pn flag, you’ll get a response saying that the host seems down. However, if you run Nmap with -Pn, you’ll find some ports are open:

    nmap -Pn <Target 3 IP Address>

However, the ports returned from this command don’t offer a way to connect to the target.
You’ll also need to scan the 6000 most popular ports:

    nmap -Pn --top-ports 6000 <Target 3 IP Address>

These results will now show two additional open ports related to the Web Services Management (WSMan) protocol, which is used to communicate with remote machines and execute commands. One of the tools that implement this protocol is Windows Remote Management (WinRM), which is Microsoft’s implementation of WSMan.

Knowing this, you can now use Metasploit to interact with the target. In your terminal, run:

    msfconsole

Once loaded, you can use the following auxiliary module to connect to a system with WinRM enabled and execute a command with:

    use <WinRM command auxiliary module>

You’ll then need to set the following options, using the credentials you found in the creds.txt file:

    set username <username>
    set password <password>
    set rhosts <Target 3 IP Address>

Next, you need to set the cmd option with the command you want to run. If you use the ls command, you’ll be able to find out what files are in the directory you connect to:

    set cmd ls

With all the options set, you can now run the module:

    run

The results of the executed command will be printed on the screen and also saved to a directory, but both show the existence of a token.txt file in the current directory. You can now set the cmd option to type token.txt in Metasploit:

    set cmd type token.txt

Once set, use the run command to send the updated command:

    run

The contents of token.txt will then be displayed on the screen and outputted to a file.

Tools

For this challenge, you’ll use a range of tools including:
- Nslookup
- Nmap
- Netcat
- Sslscan
- Smbclient
- Metasploit

Tips

You can use different tools and parameters within those tools to scan for and find information, so don’t be afraid to try out a few different things!
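For the TLS task above (questions 6 and 7), the enabled protocols can be pulled out of saved sslscan output instead of counted by eye, and the formally deprecated ones listed for remediation. This is an added example, not part of the original walkthrough; the sample output is constructed, its layout is assumed to match sslscan 2.x, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: summarise the "SSL/TLS Protocols" section of sslscan output.

# Constructed sample (documentation address, made-up results), laid out the
# way sslscan 2.x is assumed to print its protocol section.
sample_sslscan_output() {
  cat <<'EOF'
Testing SSL server 192.0.2.10 on port 443 using SNI name 192.0.2.10

  SSL/TLS Protocols:
SSLv2     disabled
SSLv3     disabled
TLSv1.0   enabled
TLSv1.1   enabled
TLSv1.2   enabled
TLSv1.3   disabled

  TLS Fallback SCSV:
Server supports TLS Fallback SCSV
EOF
}

# Remove ANSI colour escapes, which sslscan emits when colouring its output.
strip_ansi() {
  esc=$(printf '\033')
  sed "s/${esc}\[[0-9;]*m//g"
}

# Read sslscan output on stdin and print "protocol state" pairs taken only
# from the SSL/TLS Protocols section (the first blank line after a row ends it).
protocol_states() {
  strip_ansi | awk '
    /SSL\/TLS Protocols:/ { in_section = 1; next }
    in_section && NF == 0 { if (seen) in_section = 0; next }
    in_section && ($2 == "enabled" || $2 == "disabled") { print $1, $2; seen = 1 }
  '
}

# One enabled protocol per line.
enabled_protocols() {
  protocol_states | awk '$2 == "enabled" { print $1 }'
}

# Number of enabled protocols (prints 0 when none are found).
count_enabled() {
  protocol_states | awk '$2 == "enabled" { n++ } END { print n + 0 }'
}

# Enabled protocols that are formally deprecated: SSLv2 (RFC 6176),
# SSLv3 (RFC 7568), TLS 1.0 and TLS 1.1 (RFC 8996).
deprecated_enabled() {
  enabled_protocols | awk '/^(SSLv2|SSLv3|TLSv1\.0|TLSv1\.1)$/'
}

# Summary for the constructed sample.
printf 'Enabled protocols: %s\n' "$(sample_sslscan_output | count_enabled)"
printf 'Deprecated but enabled: %s\n' \
  "$(sample_sslscan_output | deprecated_enabled | tr '\n' ' ')"
```

To use it on real results, pipe the scan output into the functions in place of the sample, for example `sslscan <Target 2 IP Address> | count_enabled`.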
If you want to learn more about some of the tools within this lab, take a look at the following collections:
- Reconnaissance
- Nmap
- Infrastructure Hacking
- Introduction to Metasploit
- Post Exploitation with Metasploit

Conclusion

The steps I’ve laid out here aren’t the only way to find the answers to the questions. As long as you find the answer, you did it – well done! If you found another way to find some of these answers and think there’s a better way to do it, please post them in the comments below! I hope you enjoyed the challenge and I’ll see you for the next one.

The Human Connection Challenge Lab 1: Basic OS Skills - Walkthrough Guide (Official Version)
In this walkthrough, I'll share some strategies for efficiently completing the lab, based on my perspective as the author. Remember, there are often multiple ways to approach a challenge, so if you used a different method and succeeded, that's perfectly fine! The goal is to learn, and I hope these notes help clarify any steps and reinforce key concepts for the next challenge.

Introducing The Human Connection Challenge: Season 1
Starting today we will begin releasing a series of all-new Challenge Labs. Each month you’ll be given the chance to showcase your cybersecurity skills across a range of topics and climb the Season 1 Leaderboard, with the chance to win kudos and rewards along the way.